752f967c0f
I just had a colleague get confused by the previous phrase for good reason. "valid" sounds like an *objective* criterion, e.g. and *invalid signature* would be one that would be trusted by no one, e.g. because it misformatted or something. What is actually going is that there might be a signature which is perfectly valid to *someone else*, but not to the user, because they don't trust the corresponding public key. This is a *subjective* criterion, because it depends on the arbitrary and personal choice of which public keys to trust. I therefore think "trustworthy" is a better adjective to use. Whether something is worthy of trust is clearly subjective, and then "trust" within that word nicely evokes `trusted-public-keys` and friends. |
||
---|---|---|
.. | ||
build-remote | ||
libcmd | ||
libexpr | ||
libfetchers | ||
libmain | ||
libstore | ||
libutil | ||
nix | ||
nix-build | ||
nix-channel | ||
nix-collect-garbage | ||
nix-copy-closure | ||
nix-env | ||
nix-instantiate | ||
nix-store | ||
resolve-system-dependencies | ||
toml11 |